Jump to Content

Create Policy

post

https://api.corestack.io/governance/guardrails/{tenant_id}/policies

Creates a new policy under the tenant which will generate a unique policy id in the response this is can be used to describe details about the policy, update policy, execute or delete policy. However the policy will be accessible based on its scope Account scope - All users under that account will have access to describe and execute. Only Account admins can update/delete. Tenant - Users with access to the specific tenant will have access scripts to describe and execute. Tenant admins can update/delete. Private - User who created will only have access.

Path Params

tenant_id

string

required

Specify the tenant ID. This is a unique ID and can be retrieved using the List Tenants API.

Body Params

name

string

required

policy name which is unique and does not allow special character or space

display_name

string

Display name of policy which allow space this is to mostly show on the ui

description

string

required

A brief explanation of the policy.

type

array of strings

Indicates the type of policy

type

category

string

required

The category will be either service or resource

content

string

required

The policy content

is_system_policy

boolean

Flag to identify system policies

engine_type

string

enum

required

Engine type of the policy

cloud

array of strings

Displays the cloud associated with the policy

cloud

classification

string

required

Policies are classified based on the basis of the activity they perform, for example provisioning, Account Management, Utilization, etc. This value is displayed in this field

sub_classification

string

required

Sub classification for policy

scope

string

enum

required

The scope of the policy: Account scope - All users under that account will have access to view and execute Only Account admins can update/delete the policies, Tenant Scope - Users with access to the specific tenant will have access to policies who can describe or execute policies. Tenant admins can only update/delete. Private Scope - User who created will only have access

Allowed:

content_type

string

enum

required

Policy content source

Allowed:

content_password_or_key

string

Password or private key to access of Git repo if repo is authenticated required only in case of content type git

content_username

string

Username of Git repo if repo is authenticated required only in case of content type git

content_url

string

Git project URL when the content type is git required only in case of content type git

content_path

string

Root path of the policy in git repo required only in case of content type git

severity

string

enum

required

Severity of policy.

Allowed:

Responses

Language

Credentials

Header

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json